Results tagged “Operation Cupcake” from Spy Blog - SpyBlog.org.uk

Last summer, there was a bit of fuss about about an alleged Al Quaeda associate produced glossy electronic magazine, called "Inspire", written in English, for the benefit of wannabe jihadi extremists in the USA and the UK etc, without arabic language skills.

This week, the Washington Post has repeated the story with the added twist of uncritically "crediting" British Intelligence with carrying out a stupid "cyber attack", which the US authorities had supposedly decided not to go ahead with.

Last year, for instance, U.S. intelligence officials learned of plans by an al-Qaeda affiliate to publish an online jihadist magazine in English called Inspire, according to numerous current and senior U.S. officials. And to some of those skilled in the emerging new world of cyber-warfare, Inspire seemed a natural target.

The head of the newly formed U.S. Cyber Command, Gen. Keith Alexander, argued that blocking the magazine was a legitimate counterterrorism target and would help protect U.S. troops overseas. But the CIA pushed back, arguing that it would expose sources and methods and disrupt an important source of intelligence. The proposal also rekindled a long-standing interagency struggle over whether disrupting a terrorist Web site overseas was a traditional military activity or a covert activity -- and hence the prerogative of the CIA.

The CIA won out, and the proposal was rejected. But as the debate was underway within the U.S. government, British government cyber-warriors were moving forward with a plan.

When Inspire launched on June 30, the magazine's cover may have promised an "exclusive interview" with Sheik Abu Basir al-Wahishi, a former aide to Osama bin Laden, and instructions on how to "Make a Bomb in the Kitchen of Your Mom." But pages 4 through 67 of the otherwise slick magazine, including the bomb-making instructions, were garbled as a result of the British cyber-attack.

It took almost two weeks for al-Qaeda in the Arabian Peninsula to post a corrected version, said Evan Kohlmann, senior partner at Flashpoint Global Partners, which tracks jihadi Web sites.

Mainstream media commentators and Twitterati have dubbed this as "Operation Cupcake", and have gleefully repeated and elaborated it, without bothering to analyse the story at all.

If this was a deliberate "cyber attack", then it was extremely inept.

Even the Washington Post article mentions that a corrected version of the .pdf file was being distributed after less than 2 weeks, so what exactly did this supposed "disruption" actually achieve ?

Like most internet censorship, it has suffered from the Streisand effect. As a result of the publicity, many more people have now downloaded copies of Inspire magazine than ever would have bothered to otherwise.

You can download copies of all 5 editions (so far) of "Inspire" magazine, as well as proof of the "Cupcake" corruption from the Public Intelligence website.

They, like us, are also sceptical of the provenance of this magazine. It could so easily be some sort of scam perpetrated by one of the unscrupulous wannabe private sector "terrorist trackers" who provide convenient "evidence" in support of multi-billion dollar counter-terrorism budgets and repressive laws.

If "British intelligence" was involved in this alleged incident, then why was such an obviously American "Cupcake" recipe used as the criminal damage payload to corrupt the .pdf file ? Even the wikipedia entry for Cupcake recognises that these are called "Fairy Cakes" in the United Kingdom.

Since "Inspire" magazine is supposedly aimed at internet self-radicalising wannabes in the United Kingdom and the USA etc, why would British intelligence use an American "joke" ?

British intelligence agencies i.e. GCHQ, MI5 the Security Service, MI6 the Secret Intelligence Service, the Metropolitan Police SO15 Counter Terrorism Command and the Counter Terrorism Internet Referral Unit, all claim to work within the law.

The Police (but not the Intelligence Agencies) have legal powers to demand that an Internet Service Provider removes a file from a public website under the Terrorism Act 2006 section 3.

The Intelligence agencies and the Police may have legal powers for Intrusive Surveillance involving otherwise illegal computer access ("hacking").under the Regulation of Investigatory Powers Act 2000.

None of them have any legal exemption from the Computer Misuse Act 1990, as amended by the Police and Justice Act 2006, to modify or corrupt any computer data:

(c)to impair the operation of any such program or the reliability of any such data; or

This offence is punishable by up to 10 years in prison and / or an unlimited fine.

The corrupted first edition of "Inspire" magazine contains not only the amateur pipe bomb "recipe", which is rather less sophisticated information than what you could pick up from watching episodes of US criminal forensics tv dramas like CSI or NCIS etc., but also some screenshots of a supposed "jihadist" data encryption program and a "public key":

Al-Ekhlaas Network ASRAR El Moujahedeen V2.0 Public Key 2048 bit-

This is encryption system is neither open source like GnuPG or PGP, nor is it compatible with them.

There must be reasonable suspicion that this is a crude attempt to con wannabe jihadists into using an encryption system which can be read by someone else and which immediately self-incriminates a user of it as a"terrorist suspect".

The contact emails for "Inspire" magazine are all, suspiciously, only from entirely USA based free email providers: hotmail,com, gmail.com, fastmail.net and yahoo.com.

Why would any Al Quaeda associated group choose to give the US authorities automatic access to their Communications Traffic Data (email addresses, IP addresses, web browser details , times and dates and amount of data transmitted etc.), even if the contents of emails are actually strongly encrypted ?

It is unclear if there was any "hacking" at all. Anyone could simply have seeded a corrupted / faked / amended copy of the Inspire magazine (.pdf) into a per to peer file sharing network e.g. using BitTorrent.

The British mainstream media has been busy publishing stupid, anonymous briefings from Whitehall officials which use the idiotic "neither confirm nor deny" formula, which, given the proven lies which it has been used to cover up in the past, is as good as an admission of guilt in the public mind.

However they cannot decide which branch of "British Intelligence" should be praised or blamed for "Operation Cupcake"

e.g. The Daily Telegraph claims it was MI6 the Secret intelligence Service

British intelligence has hacked into an al-Qaeda online magazine and replaced bomb-making instructions with a recipe for cupcakes.

By Duncan Gardham, Security Correspondent

7:16PM BST 02 Jun 2011

[...]

A Pentagon operation, backed by Gen Keith Alexander, the head of US Cyber Command, was blocked by the CIA which argued that it would expose sources and methods and disrupt an important source of intelligence, according to a report in America.

However the Daily Telegraph understands an operation was launched from Britain instead.

Al-Qaeda was able to reissue the magazine two weeks later and has gone on to produce four further editions but one source said British intelligence was continuing to target online outlets publishing the magazine because it is viewed as such a powerful propaganda tool.

[...]

It is alarming how many of the hundreds of "news" stories on this topic around the world appear to be simply churnalism, blindly parroting the Daily Telegraph and its naming of MI6.

Whitehall sources have revealed that British intelligence officers successfully sabotaged the launch of the first English language website set up by an al-Qaida affiliate.

The officers, understood to be based at Government Communications Headquarters (GCHQ) in Cheltenham, attacked an online jihadist magazine in English called Inspire, devised by supporters of al-Qaida in the Arabian Peninsula.

A pdf file containing fairy cake recipes was inserted into Inspire to garble most of the 67 pages of the online magazine, including instructions on how to "Make a Bomb in the Kitchen of Your Mom".

Though the authenticity of claims made about Inspire have been questioned, British security and intelligence sources say they believe the magazine, and the bomb-making instructions, were genuine.

The sabotage took place a year ago, following a dispute between agencies in the US about who should take on the role of attacking the Inspire website.

Publicising the achievement amounted to little more than a propaganda exercise - "just to let them know", as one British official put it on Thursday.

The Associated Press also goes for GCHQ and also seems to be be complicit in being briefed by anonymous government spokesmen, who cannot be challenged directly.:

"We're increasingly using cybertools as part of our work," a British government official who spoke on condition of anonymity to discuss intelligence matters said Friday, confirming that the Inspire magazine had been successfully attacked.

The hackers were reportedly working for Britain's eavesdropping agency, GCHQ, which has boosted its resources in the past several years.

[...]

But choosing to hack into al-Qaida-affiliated websites or other systems is also risky business for intelligence agencies. Infiltrating a site can often expose sources and methods, a second British official said, also speaking on condition of anonymity to discuss cybersecurity matters. He would not specify how Inspire was hacked.

British officials consider al-Qaida in the Arabian Pensinsula to be a significant threat to U.K. interests.

The local newspaper website This Is Gloucestershire, assumes that it must have been GCHQ in Cheltenham:

She said: "We cannot confirm or deny any of our operational capabilities."

This Cold War anonymous briefing nonsense is simply not good enough any more when dealing with internet stories from overseas.

Named official spokesmen either Home Office or Foreign Office officials or the Ministers who are supposedly elected to be accountable to the public for the actions of their bureaucrats, should be issuing a very firm denial of any British involvement in such a stupid plot.

The main reason for an unambiguous official denial should be the forthcoming terrorism trial of the Cardiff, London and Stoke on Trent plotters who were charged on 27th December 2010:

ENGAGING IN CONDUCT IN PREPARATION FOR ACTS OF TERRORISM, contrary to section 5(1) of the Terrorism Act 2006.

PARTICULARS OF OFFENCE: on diverse days between the 1 day of October and 20 day of December 2010, with the intention of committing an act or acts of terrorism, engaged in conduct in preparation for giving effect to that intention, namely and including, downloading, researching, obtaining and discussing materials and methods; researching, discussing, carrying out reconnaissance on, and agreeing potential targets; travelling to and attending meetings; igniting and testing incendiary material.

Other materials found in residences included an al-Qaida support journal called 'Inspire' that contained bomb-making instructions. The features included: 'How to make a pipe bomb in the kitchen of your mom'; 'What to expect in jihad' and 'Tips for brothers in the US'

Obviously the alleged British "Operation Cupcake" failed to prevent these plotters from getting hold of the full first edition of "Inspire" magazine with the full pipe bomb recipe.

Since no actual explosives or firearms or money etc. was found, this will be Yet Another Terrorism Thought Crime Trial, where, presumably one of the key bits of evidence will be the downloading and possession the alleged "Inspire" magazine.

If "British Intelligence" continue to simply "neither confirm nor deny" that they were involved in altering or faking this edition of "Inspire" magazine, then there is every chance that a judge and jury will believe that it has been planted by "British Intelligence", thereby prejudicing its use as evidence in the trial.

Unless the British Government explicitly denies any involvement in "Operation Cupcake", then Intelligence Agency witnesses will be subpoenaed to be cross examined in Court. The prosecution may then have to drop the charges, for fear of revealing intelligence "operational sources and methods".

Tags:

About this blog

This United Kingdom based blog attempts to draw public attention to, and comments on, some of the current trends in ever cheaper and more widespread surveillance technology being deployed to satisfy the rapacious demand by state and corporate bureaucracies and criminals for your private details, and the technological ignorance of our politicians and civil servants who frame our legal systems.

The hope is that you the readers, will help to insist that strong safeguards for the privacy of the individual are implemented, especially in these times of increased alert over possible terrorist or criminal activity. If the systems which should help to protect us can be easily abused to supress our freedoms, then the terrorists will have won.

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.

Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

We wiil use this verifiable public key (the ID is available on several keyservers, twitter etc.) to establish initial contact with whistleblowers and other confidential sources, but will then try to establish other secure, anonymous communications channels, as appropriate.

Current PGP Key ID: 0x4C7F2E878638F21F which will expire on 29th August 2019.

You can download a free copy of the PGP encryption software from www.pgpi.org
(available for most of the common computer operating systems, and also in various Open Source versions like GPG)

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Hints and Tips for Whistleblowers and Political Dissidents

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

Statewatch - monitoring the state and civil liberties in the European Union

The Policy Laundering Project - attempts by Governments to pretend their repressive surveillance systems, have to be introduced to comply with international agreements, which they themselves have pushed for in the first place

House of Lords - The Law Lords are currently the supreme court in the UK - will be moved to the new Supreme Court in October 2009.

Information Tribunal - deals with appeals under FOIA, DPA both for and against the Information Commissioner

Investigatory Powers Tribunal - deals with complaints about interception and snooping under RIPA - has almost never ruled in favour of a complainant.

Parliamentary Opposition

The incompetent yet authoritarian Labour party have not apologised for their time in Government. They are still not providing any proper Opposition to the current Conservative - Liberal Democrat coalition government, on any freedom or civil liberties or privacy or surveillance issues.

UK Government

Home Office - "Not fit for purpose. It is inadequate in terms of its scope, it is inadequate in terms of its information technology, leadership, management systems and processes" - Home Secretary John Reid. 23rd May 2006. Not quite the fount of all evil legislation in the UK, but close.

NIR and ID cards

Stand - email and fax campaign on ID Cards etc. [Now defunct]. The people who supported stand.org.uk have gone on to set up other online tools like WriteToThem.com. The Government's contemptuous dismissal of over 5,000 individual responses via the stand.org website to the Home Office public consultation on Entitlement Cards is one of the factors which later led directly to the formation of the the NO2ID Campaign who have been marshalling cross party opposition to Labour's dreadful National Identity Register compulsory centralised national biometric database and ID Card plans, at the expense of simpler, cheaper, less repressive, more effective, nore secure and more privacy friendly alternative identity schemes.

CommentOnThis.com - comments and links to each paragraph of the Home Office's "Strategic Action Plan for the National Identity Scheme".

De-Materialised ID - "The voluntary alternative to material ID cards, A Proposal by David Moss of Business Consultancy Services Ltd (BCSL)" - well researched analysis of the current Home Office scheme, and a potentially viable alternative.

Surveillance Infrastructures

CameraWatch - independent UK CCTV industry lobby group - like us, they also want more regulation of CCTV surveillance systems.

Every Step You Take a documentary about CCTV surveillance in the Uk by Austrian film maker Nino Leitner.

Transport for London an attempt at a technological panopticon - London Congestion Charge, London Low-Emission Zone, Automatic Number Plate Recognition cameras, tens of thousands of CCTV cameras on buses, thousands of CCTV cameras on London Underground, realtime road traffic CCTV, Iyster smart cards - all handed over to the Metropolitan Police for "national security" purposes, in real time, in bulk, without any public accountibility, for secret data mining, exempt from even the usual weak protections of the Data Protection Act 1998.

Eeclaim Your DNA from Britain's National DNA Database - model letters and advice on how to have your DNA samples and profiles removed from the National DNA Database,in spite of all of the nureacratic obstacles which try to prevent this, even if you are innocent.

Bloggerheads: The Alisher Usmanov Affair - the rich Uzbek businessman and his shyster lawyers Schillings really made a huge counterproductive error in trying to censor the blogs of Tim Ireland, of all people.

World's First Fascist Democracy - blog with link to a Google map - "This map is an attempt to take a UK wide, geographical view, of both the public and the personal effect of State sponsored fear and distrust as seen through the twisted technological lens of petty officials and would be bureaucrats nationwide."

Panopticon blog - by Timothy Pitt-Payne and Anya Proops. Timothy Pitt-Payne is probably the leading legal expert on the UK's Freedom of Information Act law, often appearing on behlaf of the Information Commissioner's Office at the Information Tribunal.

Georgetown Security Law Brief - group blog by the Georgetown Law Center on National Security and the Law , at Georgtown University, Washington D.C, USA.

Big Brother Watch - well connected with the mainstream media, this is a campaign blog by the TaxPayersAlliance, which thankfully does not seem to have spawned Yet Another Campaign Organisation as many Civil Liberties groups had feared.

Spy on Moseley - "Sparkbrook, Springfield, Washwood Heath and Bordesley Green. An MI5 Intelligence-gathering operation to spy on Muslim communities in Birmingham is taking liberties in every sense" - about 150 ANPR CCTV cameras funded by Home Office via the secretive Terrorism and Allied Matters (TAM) section of ACPO.

FitWatch blog - keeps an eye on the activities of some of the controversial Police Forward Intelligence Teams, who supposedly only target "known troublemakers" for photo and video surveillance, at otherwise legal, peaceful protests and demonstrations.

Other Links

Free Gary McKinnon - UK citizen facing extradition to the USA for "hacking" over 90 US Military computer systems.

Parliament Protest - information and discussion on peaceful resistance to the arbitrary curtailment of freedom of assembly and freedom of speech, in the excessive Serious Organised Crime and Police Act 2005 Designated Area around Parliament Square in London.

Syndicate this site (XML):

Follow Spy Blog on Twitter

Please bear in mind the many recent, serious security vulnerabilities which have compromised the Twitter infrastructure and many user accounts, and Twitter's inevitable plans to make money out of you somehow, probably by selling your Communications Traffic Data to commercial and government interests.

May 2019

Sun

Mon

Tue

Wed

Thu

Fri

Sat

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

UK Legislation

The United Kingdom suffers from tens of thousands of pages of complicated criminal laws, and thousands of new, often unenforceable criminal offences, which have been created as a "Pretend to be Seen to Be Doing Something" response to tabloid media hype and hysteria, and political social engineering dogmas. These overbroad, catch-all laws, which remove the scope for any judicial appeals process, have been rubber stamped, often without being read, let alone properly understood, by Members of Parliament.

The text of many of these Acts of Parliament are now online, but it is still too difficult for most people, including the police and criminal justice system, to work out the cumulative effect of all the amendments, even for the most serious offences involving national security or terrorism or serious crime.

Foreign Spies / Intelliegence Agencies in the UK

It is not just the UK government which tries to snoop on British companies, organisations and individuals, the rest of the world is constantly trying to do the same, regardless of the mixed efforts of our own UK Intelligence Agencies who are paid to supposedly protect us from them.

Presumably every mainstream media organisation, intelligence agency, serious organised crime or terrorist gang keeps historical copies, so here are some older versions of the London Diplomatic List, for the benefit of web search engine queries, for those people who do not want their visits to appear in the FCO web server logfiles or those whose censored internet feeds block access to UK Government websites.

Campaign Button Links

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

Cracking the Black Box - "aims to expose technology that is being used in inappropriate ways. We hope to bring together the insights of experts and whistleblowers to shine a light into the dark recesses of systems that are responsible for causing many of the privacy problems faced by millions of people."